VMs can ping DLR interfaces (all of them) Inside and outside.
VMs can NOT ping through DLR to ESG.
ESG can ping DLR interfaces (all of them), outside and inside (VM default gateway).
But ESG can NOT ping through DLR to VMs (but can ping a VM default gateway).
What would cause DLR not to pass VM traffic through itself to outside world?
Currently all FWs are off on DLR, ESG, and ANY/ANY on DFW.
OSPF Neighbors are correct and Default routes working on DLR and ESG.
Even with SSH enabled, DLR won't let me PuTTY to it, even from the same subnet.
Did you enable route redistribution for "connected" networks to the OSPF routing table on the DLR?
The DLR appliance can be a little weird when it comes to communicating to/from it directly. The interface IPs assigned to logical switch interfaces don't actually exist on the control VM. They are 'LIFs' or 'logical interfaces' that exist on every ESXi host in the transport zone. If you configure dynamic routing on the DLR, you'll define a 'protocol address' as part of the process. That address should actually exist on the control VM, and can be used for ping tests, as well as to SSH into the VM etc.
Hope this helps.
Thank you for the verification on that. I am able to ssh to the control VM or protocol address of the DLR. Routing is correct on the DLR control VM and can get to 184.108.40.206 outside the environment. Still do not understand why VMs cannot communicate past the LIF.
Yes. DLR is configured to redistribute connected. As stated above, routing tables on ESGs are correct.
DLR control VM also has an OSPF redistributed static from each of the upstream ESGs.
Thank you for the reply.